  • Tunneling into VPC

    In "Where is my bastion host?" and "EC2 Instance Connect vs. SSM Session Manager" I wrote about how to connect to EC2 instances inside a VPC without having to run a bastion host exposed to the Internet, using the AWS API as the contact point instead. While this arrangement has many advantages over running your own server or service, there is still one important use case it cannot handle.

  • Building a Custom Cloudformation Resource Type

    CloudFormation resource types are real first-class citizens, comparable to any AWS-provided resource. The major differences from custom resources are the deployment model, where the AWS CloudFormation service takes care of executing the resource type code on your behalf, and the CloudFormation Registry for sharing and consuming resource types across multiple projects.
  • Rerouting Legacy Server IP Address

    In lift-and-shift migrations from an on-premises data center to AWS, you often find workloads that have been running for a fairly long time with minimal changes, and not all "modern IT" practices can be taken for granted. One such practice is using DNS to find a server's IP address.
  • Conditional Dependency in Cloudformation

    The 2nd instalment in the series of "old dog learning new cloudformation tricks" shows how to define a conditional dependency on a resource that may not necessarily exist in the stack.
  • Devil in Details

    "The devil is in the details" is an idiom that refers to a catch or mysterious element hidden in the details, meaning that something might seem simple at first look but will take more time and effort to complete than expected. I think this describes the announcement of the ACM CloudFormation extension pretty well.